
Linux NAT with 3g PPP connection

Shell Script (Bash) posted 5 months ago by marko

I run this nat.sh script whenever I need to share my 3g connection to other computers in the switch I’m plugged into. Please note that it resets existing iptables rules.

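    #!/bin/bash
    # Reset the filter and nat tables: remove all rules, then all user-defined chains.
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain

    # Enable IPv4 forwarding in the kernel.
    echo 1 > /proc/sys/net/ipv4/ip_forward

    internal=eth0   # LAN-facing interface
    external=ppp0   # 3G PPP uplink
    # Masquerade traffic leaving via the uplink.
    /sbin/iptables -t nat -A POSTROUTING -o "${external}" -j MASQUERADE
    # Allow only reply traffic from the uplink back to the LAN.
    /sbin/iptables -A FORWARD -i "${external}" -o "${internal}" -m state --state RELATED,ESTABLISHED -j ACCEPT
    # Allow LAN hosts to open connections through the uplink.
    /sbin/iptables -A FORWARD -i "${internal}" -o "${external}" -j ACCEPT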

Tagged nat, linux, iptables

Flushing iptables

Shell Script (Bash) posted about 1 year ago by marko

Reset all rules of iptables. Handy to put in the root’s crontab while configuring a remote firewall.

    #!/bin/sh
    #
    # rc.flush-iptables - Resets iptables to default values.
    #
    # Copyright (C) 2001  Oskar Andreasson <bluefluxATkoffeinDOTnet>
    #
    # This program is free software; you can redistribute it and/or modify
    # it under the terms of the GNU General Public License as published by
    # the Free Software Foundation; version 2 of the License.
    #
    # This program is distributed in the hope that it will be useful,
    # but WITHOUT ANY WARRANTY; without even the implied warranty of
    # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    # GNU General Public License for more details.
    #
    # You should have received a copy of the GNU General Public License
    # along with this program or from the site that you downloaded it
    # from; if not, write to the Free Software Foundation, Inc., 59 Temple
    # Place, Suite 330, Boston, MA  02111-1307   USA

    #
    # Configurations
    #
    IPTABLES="/sbin/iptables"

    #
    # reset the default policies in the filter table.
    #
    $IPTABLES -P INPUT ACCEPT
    $IPTABLES -P FORWARD ACCEPT
    $IPTABLES -P OUTPUT ACCEPT

    #
    # reset the default policies in the nat table.
    #
    $IPTABLES -t nat -P PREROUTING ACCEPT
    $IPTABLES -t nat -P POSTROUTING ACCEPT
    $IPTABLES -t nat -P OUTPUT ACCEPT

    #
    # reset the default policies in the mangle table.
    #
    $IPTABLES -t mangle -P PREROUTING ACCEPT
    $IPTABLES -t mangle -P POSTROUTING ACCEPT
    $IPTABLES -t mangle -P INPUT ACCEPT
    $IPTABLES -t mangle -P OUTPUT ACCEPT
    $IPTABLES -t mangle -P FORWARD ACCEPT

    #
    # flush all the rules in the filter, nat and mangle tables.
    #
    $IPTABLES -F
    $IPTABLES -t nat -F
    $IPTABLES -t mangle -F
    #
    # erase all chains that are not default in the filter, nat and mangle tables.
    #
    $IPTABLES -X
    $IPTABLES -t nat -X
    $IPTABLES -t mangle -X

Tagged iptables, firewall, linux
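
Both posts above wipe the running ruleset, and the second relies on a cron job as a safety net while working on a remote firewall. The following is an added example, not code from either post: it snapshots the rules, runs a firewall script, and restores the snapshot unless the change is confirmed in time. The function name, the SAVE_CMD and RESTORE_CMD overrides and the /run/fw-confirm path are assumptions made for this sketch.

```bash
#!/bin/bash
# Added example (not from the original posts): run a firewall script with a
# dead-man's switch, so a bad ruleset on a remote host is undone automatically.
# Assumption: iptables-save and iptables-restore are installed. SAVE_CMD and
# RESTORE_CMD are hypothetical overrides so the logic can be tried without root.
SAVE_CMD=${SAVE_CMD:-iptables-save}
RESTORE_CMD=${RESTORE_CMD:-iptables-restore}

# apply_with_rollback <script> <timeout-seconds> [confirm-file]
# Returns 0 if the change was confirmed and kept, 1 if it was rolled back,
# 2 if no snapshot could be taken (the script is not run in that case).
apply_with_rollback() {
    local script="$1" timeout="$2" confirm="${3:-/run/fw-confirm}"
    local backup waited=0
    backup=$(mktemp) || return 2          # mode 0600: rulesets can be sensitive
    # Snapshot before anything else; both scripts above start by flushing.
    if ! $SAVE_CMD > "$backup"; then
        rm -f "$backup"
        return 2
    fi
    rm -f "$confirm"                      # ignore a stale confirmation
    if sh "$script"; then
        # Wait for the operator to create the confirm file, ideally from a NEW
        # SSH session, which proves the host is still reachable.
        while [ "$waited" -lt "$timeout" ]; do
            if [ -e "$confirm" ]; then
                rm -f "$confirm" "$backup"
                return 0
            fi
            sleep 1
            waited=$((waited + 1))
        done
    fi
    # Script failed or nobody confirmed in time: restore the snapshot.
    $RESTORE_CMD < "$backup"
    rm -f "$backup"
    return 1
}

# Stand-alone use as root, e.g.:  ./fw-apply.sh ./nat.sh 60
# then, from a second session:    touch /run/fw-confirm
if [ "$#" -ge 2 ]; then
    apply_with_rollback "$@"
fi
```

The snapshot covers the IPv4 iptables tables only; the ip_forward setting changed by nat.sh is not restored on rollback.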